Extract IP Address from Log File


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Extract IP Address from Log File
# 1  
Old 12-06-2012
Extract IP Address from Log File

I have a log file with several IP addresses in it:-
Code:
2012-12-06 16:05:05,885 NOTICE [10674] **SNMP** Alarm was created:  (LicenseClientRejected) Client Remote Peer /125.111.64.125:2573 was 
Rejected Property=/125.111.64.125:2573, Client Remote Peer /125.111.64.125:2573 was 
Rejected **SNMP**. [New I/O server boss #6 ([id: 0x70a81b43, /125.111.64.125:2573])_11]
2012-12-06 16:16:45,739 NOTICE [10674] **SNMP** Alarm was created:  (LicenseClientRejected) Client Remote Peer /104.121.98.124:3583 was 
Rejected Property=/104.121.98.124:3583, Client Remote Peer /104.121.98.124:3583 was 
Rejected **SNMP**. [New I/O server boss #5 ([id: 0x03174ea5, /104.121.98.124:3583])_11]

How can I extract them and list the unique IP addresses using awk or sed ?
# 2  
Old 12-06-2012
See if this gives you what you want:
Code:
grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' log_file_name.txt | sort | uniq

# 3  
Old 12-06-2012
OS is SunOS
Code:
uname
SunOS

And the options specified for grep is not supported:-
Code:
grep: illegal option -- E
grep: illegal option -- o
Usage: grep -hblcnsviw pattern file . . .

# 4  
Old 12-06-2012
From your log, I have made the commands below on Solaris OS.
Code:
# cat LOG | awk '{ for ( i=1;i<=NF;i++ ) Vword[$i]++ } END { for( WORD in Vword ) print WORD }' > word.tmp
# cat word.tmp  | awk -F/ '{print $2}' | awk -F: '{print $1}'| grep -v ^$ | sort -u
104.121.98.124
125.111.64.125

Cheers,
This User Gave Thanks to Joseph_TKLee For This Post:
# 5  
Old 12-06-2012
try also:
Code:
awk '/^[0-9.]+[.][0-9]+$/{if(!a[$0]++)print $0}' RS="[ :/\n]" infile


Last edited by rdrtx1; 12-06-2012 at 08:10 PM..
This User Gave Thanks to rdrtx1 For This Post:
# 6  
Old 12-06-2012
Quote:
Originally Posted by BHM
OS is SunOS
OH, Ok, Then this should work using sed:
Code:
sed 's#.*/\([0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*#\1#g' log_file_name.txt | sort | uniq

Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Extract data from a log file and put it in a file

Hi, I would like to seek your help for a script that will extract data from log file and put it in a file. Sample log file 2018-10-23 12:33:21 AI ERROR -- tpid: SAMPLE_TH account: 123456789 aiSessionNumber: 660640464 mapName: xxx to yyy errorDesc: Translation Error:ErrorNumber : 993 ... (2 Replies)
Discussion started by: neverwinter112
2 Replies

2. UNIX for Beginners Questions & Answers

Fetching address and user details from log file

Hi All, I have a requirement to get the address values from a large log file along with the user details. line1,line2,city,stateCode,postalCode,countryCode. The below code as advised in the earlier post is giving the user data zgrep -B1 "Failed to calculate Tax" log.2018-05-23.gz | grep... (8 Replies)
Discussion started by: nextStep
8 Replies

3. Shell Programming and Scripting

Perl one liner to extract first three octets of IP Address

Hi I have an inherited perl script that extracts the first three octets of an IP Address using a combination of split() against a dot and then builds it all back together again, its a whole block of code to do this I wondered if anyone had a one liner in their arsenal to extract the first... (7 Replies)
Discussion started by: hcclnoodles
7 Replies

4. Shell Programming and Scripting

How to extract start/end times from log file to CSV file?

Hi, I have a log file (log.txt) that which contains lines of date/time. I need to create a script to extract a CSV file (out.csv) that gets all the sequential times (with only 1 minute difference) together by stating the start time and end time of this period. Sample log file (log.txt) ... (7 Replies)
Discussion started by: Mr.Zizo
7 Replies

5. Shell Programming and Scripting

How to extract IPv6 address from string?

Hi All, Would anyone know how to modify the below, so only the IPv6 address (red) is printed, please? (in other words, what's between inet6 and the / sign) ipv6=`/sbin/ifconfig lo0:5 inet6 | grep 'inet6'` print $ipv6 Currently the output of the above script is: inet6... (7 Replies)
Discussion started by: chatguy
7 Replies

6. Shell Programming and Scripting

SED With Regex to extract Email Address

Hi Folks, In my program, I have a variable which consists of multiple lines. i need to use each line as an input. My intention is to extract the email address of the user in each line and use it to process further. The email address could be anywhere in the whole line. But there will be only... (5 Replies)
Discussion started by: ragz_82
5 Replies

7. Shell Programming and Scripting

Regular expression to extract ipv6 address

Hi all , I have a string in my weblog xheader v6-day-2011:xx:yy:zz:qq:qq:ww:ee:rr My requirement is to lookup the sting v6-day-2011 in this header and if found would like to extract the V6 ip part . v6-day-2011 is always constant for a ipv6 entry so i would like to extract every thing... (4 Replies)
Discussion started by: jambesh
4 Replies

8. Shell Programming and Scripting

Script extract from log file

Hi i new to scripting and am trying to create a script to pull my current of logs from /var/logs/secure and name it securelog-Month-Day-Hour.txt example: grep 'Mar 5 11' /var/logs/secure > /home/(user)/Documents/Logs/mylog-02-1-11 How do i set the targeted strings to be the current... (2 Replies)
Discussion started by: M47H415
2 Replies

9. Shell Programming and Scripting

Extract date from log file

Hello All, I just need to extract the date portion from a apache log file I am able to do it using the chain of command - Logfile contents - First record - ========================== 197.130.211.240 - - "GET /jp/index.shtml HTTP/1.1" 200 24255... (4 Replies)
Discussion started by: jambesh
4 Replies

10. Shell Programming and Scripting

Replacing all instances of an IP address in a log file.

I know this should be simple but the periods in the string replacement are throwing me off. What I want to do is replace 1.1.1.1 in my access.log file with 2.2.2.2 I have tried using 'tr' but its being thrown off by the periods and replacing all sorts of stuff in the file. What do I need... (2 Replies)
Discussion started by: LordJezo
2 Replies
Login or Register to Ask a Question